An overview of EU data protection rules on use of data collected online

In the third of our series of articles considering the EU’s limited harmonisation of the laws regulating the activities of businesses using the Internet, we look at EU rules on the use of data collected online. We consider the principles governing the processing of personal data collected online. We then discuss the new rules on the use of cookies and the practical difficulties facing website operators in complying with them and conclude with a brief overview of the rules governing the transfer of personal data outside the EEA.     

Online selling and contracting: An overview of EU rules

In the second of our series of articles considering the EU’s limited harmonisation of the laws regulating the activities of businesses using the Internet, we look at the rules governing contracting and selling online. We consider the circumstances in which three key EU directives apply, the rights, under these directives, of consumers who contract online and the effect of electronic signatures as used for online contracting.     

Data retention in the UK: Pragmatic and proportionate,or a step too far?

On 6 April 2009 new legislation came into force, for the first time putting Internet service providers' duty to retain significant amounts of data (relating to customers' email and Internet usage) on a compulsory, as opposed to a voluntary footing. It is a topic which has provoked intense protest from the privacy lobby and fuelled months of “Big Brother” headlines in the press. For the industry it raises operational challenges – how to facilitate storage and retrieval of colossal amounts of data. In this article we consider the policy background to the regime, the detail of the UK implementation and the practical implications for communications service providers. We weigh up the privacy and human rights concerns against the business case put forward by the Government. We also examine the Government's proposals – announced at the end of April – to significantly extend and “future proof” this regime in the form of its Intercept Modernisation Programme.     

‘Customary internet-ional law’: Creating a body of customary law for cyberspace. Part 2: Applying custom as law to the Internet infrastructure

The shift in socio-economic transactions from real space to cyberspace through the emergence of electronic communications and digital formats has led to a disjuncture between the law and practices relating to electronic transactions. The speed at which information technology has developed require a faster, more reactive and automatic response from the law that is not currently met by the existing law-making framework. This paper suggests the development of special rules to enable Internet custom to form legal norms to fulfill this objective. In Part 2 of this article, I will construct the customary rules to Internet law-making that are applicable to electronic transactions by adapting customary international law rules; apply the suggested rules for determining customary Internet norms and identify some existing practices that may amount to established norms on the Internet, specifically practices relating to the Internet Infrastructure and Electronic Contracting.     

To block or not to block: European approaches to content regulation,and implications for freedom of expression

Based on the limited effectiveness of state laws, and lack of harmonization at international level a number of states started to introduce policies to block access to Internet content and websites deemed illegal which are situated outside their legal jurisdiction. However, blocking policies are not always subject to due process principles, decisions are not necessarily taken by the courts of law, and often administrative bodies or Internet hotlines run by the private sector decide which content or website should be subject to blocking. Therefore, increasingly, the compatibility of blocking action is questioned with regards to the fundamental right of freedom of expression. This article assesses significant developments at the pan-European level with regards to the development, and implementation of Internet content blocking policies. Adaptation of content blocking policies from certain member states of both the European Union and the Council of Europe will be used to assess the nature and implementation of access blocking policies. It will be argued that there could be a breach of Article 10 of the European Convention on Human Rights if blocking measures or filtering tools are used at state level to silence politically motivated speech on the Internet.     

Internet of Things – New security and privacy challenges

The Internet of Things, an emerging global Internet-based technical architecture facilitating the exchange of goods and services in global supply chain networks has an impact on the security and privacy of the involved stakeholders. Measures ensuring the architecture's resilience to attacks, data authentication, access control and client privacy need to be established. An adequate legal framework must take the underlying technology into account and would best be established by an international legislator, which is supplemented by the private sector according to specific needs and thereby becomes easily adjustable. The contents of the respective legislation must encompass the right to information, provisions prohibiting or restricting the use of mechanisms of the Internet of Things, rules on IT-security-legislation, provisions supporting the use of mechanisms of the Internet of Things and the establishment of a task force doing research on the legal challenges of the IoT.     

It's all linked: How communication to the public affects internet architecture

The architecture of the Internet is changing. A novel expansive construction of communication and making available to the public has been shaking the Internet ecosystem. It reaches into basic online activities, such as linking. Departing from well-established international approaches, the Court of Justice of the European Union (CJEU) has recently decided a multitude of cases that redesigned the notion of communication to the public in the Internet, while discussing linking activities in particular. This jurisprudence stands against a fluid legal framework searching for the optimal allocation of intermediary liability of information service providers. Communication to the public is at the centre stage of this legislative process as well. EU copyright legislative reform makes Online Content Sharing Service Providers (OCSSP)—the large majority of UGC platforms—communicating to the public. In doing so, the Copyright in the Digital Single Market Directive changes the fundamental rules under which online platforms operate and UGC content is created for a large portion of the connected world. This, in turn, is forcing online intermediaries to remodel the architecture of the Internet accordingly. Proactive filtering—rather than ex post review of allegedly infringing content and links—is set to become the first commandment governing the Internet of tomorrow.     

公安学术期刊国内网络读者分布状况分析

在网络大众化时代,我国公安学术期刊网络化也已成为一种强劲的普遍的发展趋势。从对CNKI中心网站5年的访问量分析,我国公安学术期刊的国内目标读者和潜在读者分布状况基本令人满意,大体与期刊性质和办刊宗旨相适应,但也存在网络传播情况不平衡、访问量差异较大和影响面有限等问题。     

移动设备电子搜查的制度挑战与程序规制——以英美法为比较对象

评估执法的正当需求和手机用户的合法权益成为移动互联网时代的程序规制命题。移动设备搜查对警察权力的重要性和公民权利保护的重要性日益凸显,应当将移动设备视为人们具有合理信赖的一个信息隐私空间。英国、美国的手机搜查规范上的域内不统一导致搜查实践的多样态、公民权利的保护缺陷。但其应对证据的移动电子化的基本思路——根据信息种类或其他变量进行立法,区别对待搜查条件——对中国相关搜查问题的解释和解决具有镜鉴意义。我国需要考虑确立获得搜查批准的原则,通过类型化规则给执法提供明确指导,并且明确搜查后的系列权利保障,进行电子搜查规则的适时调整与动态平衡。     

China's campaign-style Internet finance governance: Causes,effects, and lessons learned for new information-based approaches to governance,

China's Internet companies and citizens are now world leaders in developing and using the Internet and related information technologies for financial transactions. Accordingly, it is important that China becomes a world leader in identifying challenges posed by Internet finance, and providing law and governance solutions to address these challenges. While the Internet and its associated technologies are now globally available, a core question is whether, and to what extent, regulatory challenges and opportunities are common across different jurisdictions, or whether they reflect local circumstances. In short, an interesting question is what can the world learn from China as it takes the lead in addressing Internet finance challenges, and what can China learn from the world as it seeks to do so?This article first identifies the landscape of China's burgeoning Internet finance market, including key technologies and services and government and nongovernment players. The article then turns to key regulatory challenges, with a focus on factors especially significant in China. The article then examines the “top down” “campaign style” approach to regulation, which is China government's initial response to emerging challenges. Following an analysis of the campaign, some suggestions are then made for future possible governance strategies. We explain how emerging “information” based and experiment-based approaches to governance are drawing on both global and Chinese experiences to harness the capabilities of the Internet and the collective energies of Internet finance enterprises and users to advance the regulation of the China Internet finance system in a way that is conducive to the public interest.     

Emerging styles of social control on the internet: Justice denied

The rapid growth of the Internet during the past 10 years has resulted in many disagreements over who should have the power to make and enforce the rules of on-line content and conduct and what form, such rules and enforcement should take— informal or formal. The extremes at which each of these potentially complementary systems of social control are currently practiced have contributed to an atmosphere of inconsistency, contradiction, uncertainty, and excessive discretion amongst state agencies, Internet service providers, system operators, and Internet users. If the Internet is to serve as a major communication, entertainment, and information medium in the 21st Century, a system is needed that integrates the strengths of both informal and formal systems of control while respecting the social, intellectual, and political freedom of the Internet community.     

关于网络空间中刑事管辖权的思考

网络的出现及其连接上的虚拟化无限延展的特性 ,对于传统的刑事管辖权理论及现实规则形成了实质冲击。国内外对网络虚拟空间中的刑事管辖权存在着广泛的理论争议 ,而影响不同管辖权理论学说的因素 ,不仅存在着网址与访问行为等客观影响因素 ,同时存在着基于对网络无限延展而担心出现的“无法”空间的主观恐惧。网络虚拟空间中的刑事管辖权的合理确定 ,应当是以传统的刑事管辖权为基础 ,基于谦抑原则的略有扩张     

Do algorithms dream of ‘data’ without bodies?

ABSTRACT

The question whether algorithms dream of ‘data’ without bodies is asked with the intention of highlighting the material conditions created by wearables for fitness and health, reveal the underlying assumptions of the platform economy regarding individuals’ autonomy, identities and preferences and reflect on the justifications for intervention under the General Data Protection Regulation. The article begins by highlighting key features of platform infrastructures and wearables in the health and fitness landscape, explains the implications of algorithms automating, what can be described as ‘rituals of public and private life’ in the health and fitness domain, and proceeds to consider the strains they place on data protection law. It will be argued that technological innovation and data protection rules played a part in setting the conditions for the mediated construction of meaning from bodies of information in the platform economy.     

Developments in cybercrime law and practice in Ethiopia

With increasing access to information and communication technologies such as the Internet, Ethiopia has recently taken responsive legislative measures. One such legislative measure is enactment of cybercrime rules as part of the Criminal Code of 2004. These rules penalize three items of computer crimes namely hacking, dissemination of malware and denial of service attacks. The cybercrime rules are however slightly outdated due to changes that have occurred in the field of cybercrime since the enactment of the Code. The surge of new varieties of cybercrimes previously uncovered under the Code and the need to legislate tailored evidentiary and procedural rules for investigation and prosecution of cybercrimes have recently prompted the Ethiopian government to draft modern and comprehensive cybercrime legislation, but the draft law still needs further work on cybercrimes in light of other major legislative developments at regional and national levels. This article closely examines major developments in cybercrime law and practice in Ethiopia since the enactment of the first set of cybercrime rules and proffers recommendations towards a unified cybercrime regime.     

New resources for the forensic genetics community available on the NIST STRBase website

For more than a decade, the U.S. National Institute of Standards and Technology (NIST) has maintained the short tandem repeat DNA Internet database (STRBase), which is located at http://www.cstl.nist.gov/biotech/strbase/. The purpose of STRBase has been and continues to be an attempt to bring together the abundant literature and information in the forensic genetics field in a cohesive fashion to make current and future work easier. New materials are regularly added to expand the valuable information contained on the STRBase website.     

Crime Data,the Internet,and Free Speech: An Evolving Legal Consciousness

Digitization and open access to governmental data have made criminal justice information incredibly easy to access and disseminate. This study asks how law should govern access to criminal histories on the Internet. Drawing upon interviews with crime website publishers and subjects who have appeared on websites, I use legal consciousness theory to show how social actors interpret, construct, and invoke law in a nascent and unregulated area. The analysis reveals how both parties construct legality in the absence of positive legal restrictions: Website publishers use legal justifications, while those appealing to have their online record cleared resort to personal pleas, as opposed to legal remedy. Ultimately, I show how current data practices reinforce structural inequalities already present in criminal justice institutions in a profoundly public manner, leaving website subjects with little recourse and an inescapable digital trail.     

从现实到虚拟:计算机侵入禁止规范的构成及适用——兼论计算机同意

计算机侵入禁止源自于传统的侵入禁止规范。在大数据、云计算、cookies技术的背景下,该罪构成要件要素的"访问",应采最广义的发送信息说,主要应由"未经授权"限制该禁止规范。由于互联网协议已明确规定网络具有开放性,所以,计算机同意通常等同于机主同意。当计算机不使用公共域名或者使用第三方软件为用户访问设置了现实障碍时,被告人使用第三方软件或者规避认证制度而进行的访问,会被视为是事实欺诈,计算机同意因有别于机主同意而无效,行为构成未经授权的访问。越权访问实际上是违约行为,即使其构成欺诈,但由于计算机产生认识错误的对象通常并非是访问行为本身,而是其回报或者意义,所以,被害人同意仍然有效。这也是刑法原则上不干预违约行为的规范原因。然而,当违约行为违反预期功能、义务冲突和合理预期等标准,而动摇了同意的基础时,则会使其由诱因欺诈变成事实欺诈,被害人同意无效,行为通常会构成犯罪。     

Trust in the proposed EU regulation on trust services?

A few months after ICRI's 20th anniversary conference the European Commission adopted on 4 June 2012 a draft regulation “on electronic identification and trusted services for electronic transactions in the internal market”. The proposed legal framework is intended to give legal effect and mutual recognition to trust services including enhancing current rules on e-signatures and providing a legal framework for electronic seals, time stamping, electronic document acceptability, electronic delivery and website authentication. Yet, this draft Regulation provokes many questions with regard to the implicit “trust” concept on which it is based. Starting from their experience in the EU FP7 uTRUSTit project (Usable Trust in the Internet of Things: www.utrustit.eu) and in other ICRI research projects, Jos Dumortier and Niels Vandezande have analyzed the proposed legislative text of the European Commission and wrote a few critical observations. Although obviously not presented at the conference in November 2011, it seemed worthwhile to add this contribution to its proceedings.     

The liability of website owners for defamation in Israel: A challenge yet to be solved?

From the end of the twentieth century to the present we have witnessed the effects of technology on the way we consume and distribute information. The print media, which in many ways was the natural product of the printing revolution, has given way to the electronic media with websites providing the new “town squares” in which the public discourse is held on political, economic and social issues among others. The Israeli legal system, like the legal systems in other countries, faces a variety of challenges and complex ethical and legal issues when required to regulate (often retrospectively) the manner and processes through which the discourse will be conducted in the virtual “town hall”. In essence, this article focuses on one of the many questions occupying the Israeli legal system and that is whether website owners should be liable in defamation for speech published by third parties on the Internet (through blogs, tweets on Twitter, posts on Facebook,¹ uploaded video clips on YouTube and the like) when no connection exists between the third party and the site owner apart from the fact that the third party has used the website as a platform to publish the offensive speech. The issue of the liability of the website owner has ramifications for the injured party's capacity to institute an action for defamation against the website owner, as often only the latter will be in a position to compensate the injured party (financially) for the offensive speech. The Israeli legal system, which in many ways furnishes a unique and interesting framework for examining the question posed above, as we explain in the body of the article, presents a fascinating example of how the Israeli legislature and the courts have dealt and continue to deal with claims filed against website owners for damage to reputation as a result of speech published by third parties. The article offers a comprehensive review of the status of the right to freedom of speech, anonymity and the right to reputation in Israel, the considerations for and against the imposition of liability on website owners and the latest case law on these questions.